Teach Yourself TCP/IP in 14 Days
Second Edition
Preface to Second Edition
About the Author
Overview
Introduction
1. Open Systems, Standards, and Protocols
2. TCP/IP and the Internet
3. The Internet Protocol (IP)
4. TCP and UDP
5. Gateway and Routing Protocols
6. Telnet and FTP
7. TCP/IP Configuration and Administration Basics
8. TCP/IP and Networks
9. Setting Up a Sample TCP/IP Network: Servers
10. Setting Up a Sample TCP/IP Network: DOS and Windows Clients
11. Domain Name Service
12. Network File System and Network Information Service
13. Managing and Troubleshooting TCP/IP
14. The Socket Programming Interface
Appendix A: Acronyms and Abbreviations
Appendix B: Glossary
Appendix C: Commands
Appendix D: Well-Known Port Numbers
Appendix E: RFCs
Appendix F: Answers to Quizzes

This document was produced using a BETA version of
HTML Transit 2

Teach Yourself TCP/IP in 14 Days, Second
Edition
The second edition of Teach Yourself TCP/IP in 14 Days expands on the very popular first
edition, bringing the information up-to-date and adding new topics to complete the
coverage of TCP/IP. The book has been reorganized to make reading and learning easier,
as well as to provide a more logical approach to the subject.
New material in this edition deals with installing, configuring, and testing a TCP/IP
network of servers and clients. You will see how to easily set up UNIX, Linux, and
Windows NT servers for all popular TCP/IP services, including Telnet, FTP, DNS, NIS,
and NFS. On the client side, you will see how to set up DOS, Windows, Windows 95, and
WinSock to interact with a server. Examples and tips throughout these sections make
the process easy and clear.
Also added in this edition of Teach Yourself TCP/IP in 14 Days are new sections on DNS,
NFS, and NIS. These network services have become popular with the growth of large
TCP/IP networks, so we show you how to configure and use them all. A new section on
the latest version of IP updates the treatment of the base protocols to 1996 standards.
Tim Parker
Mail:
Dean Miller
Comments Department
Sams Publishing
201 W. 103rd Street
Indianapolis, IN 46290
■
Topics Covered in Detail in this Edition
■
The TCP/IP Protocol Family
■
Transport
■

Routing
■
Network Addresses
■
User Services
■
Gateway Protocols
■
Others
Topics Covered in Detail in this Edition
●
Standards and terminology
●
Network architecture
●
History of TCP/IP and the Internet
●
IPng (IP version 6)
●
Telnet and FTP
●
Configuring servers and clients
Introduction
So you've just been told you are on a TCP/IP network, you are the new TCP/IP system
administrator, or you have to install a TCP/IP system. But you don't know very much
about TCP/IP. That's where this book comes in. You don't need any programming skills,
and familiarity with operating systems is assumed. Even if you've never touched a
computer before, you should be able to follow the material.
This book is intended for beginning through intermediate users and covers all the
protocols involved in TCP/IP. Each protocol is examined in a fair level of detail to show

how it works and how it interacts with the other protocols in the TCP/IP family. Along
the way, this book shows you the basic tools required to install, configure, and maintain
a TCP/IP network. It also shows you most of the user utilities that are available.
Because of the complex nature of TCP/IP and the lack of a friendly user interface,
there is a lot of information to look at. Throughout the book, the role of each protocol
is shown separately, as is the way it works on networks of all sizes. The relationship
with large internetworks (like the Internet) is also covered.
Each chapter in the book adds to the complexity of the system, building on the material
in the earlier chapters. Although some chapters seem to be unrelated to TCP/IP at first
glance, all the material is involved in an integral manner with the TCP/IP protocol
family. The last few chapters cover the installation and troubleshooting of a network.
By the time you finish this book, you will understand the different components of a
TCP/IP system, as well as the complex acronym-heavy jargon used. Following the
examples presented, you should be able to install and configure a complete TCP/IP
network for any operating system and hardware platform.
The TCP/IP Protocol Family
Transport
Transmission Control Protocol (TCP): connection-based services
User Datagram Protocol (UDP): connectionless services
Routing
Internet Protocol (IP): handles transmission of information
Internet Control Message Protocol (ICMP): handles status messages for IP
Routing Information Protocol (RIP): determines routing
Open Shortest Path First (OSPF): alternate protocol for
determining routing
Network Addresses
Address Resolution Protocol (ARP): determines addresses
Domain Name System (DNS): determines addresses from machine names
Reverse Address Resolution Protocol (RARP): - determines
addresses

User Services
Boot Protocol (BOOTP): starts up a network machine
File Transfer Protocol (FTP): transfers files
Telnet: allows remote logins
Gateway Protocols
Exterior Gateway Protocol (EGP): transfers routing information for
external networks
Gateway-to-Gateway Protocol (GGP): transfers routing information
between gateways
Interior Gateway Protocol (IGP): transfers routing information
for internal networks
Others
Network File System (NFS): enables directories on one machine to be
mounted on another
Network Information Service (NIS): maintains user accounts across
networks
Remote Procedure Call (RPC): enables remote applications to communicate
Simple Mail Transfer Protocol (SMTP): transfers electronic mail
Simple Network Management Protocol (SNMP): sends status
messages about the network


■
The TCP/IP Protocol Family
The TCP/IP Protocol Family
Transport
TCP (Transmission Control Protocol) Connection-based services (Day 4)
UDP (User Datagram Protocol) Connectionless services (Day 4)
Routing
IP (Internet Protocol) Handles transmission of information (Day 3)

ICMP (Internet Control Message
Protocol)
Handles status messages for IP (Day 3)
RIP (Routing Information Protocol) Determines routing (Day 5)
OSPF (Open Shortest Path First)
Alternate protocol for determining routing
(Day 5)
Network Addresses
ARP (Address Resolution Protocol) Determines addresses (Day 2)
DNS (Domain Name System)
Determines addresses from machine names
(Day 2 and Day 11)
RARP (Reverse Address Resolution
Protocol)
Determines addresses (Day 2)
User Services
BOOTP (Boot Protocol) Starts up a network machine (Day 11)
FTP (File Transfer Protocol) Transfers files (Day 6)
Telnet Enables remote logins (Day 6)
TFTP (Trivial File Transfer Protocol) Enables remote file transfers (Day 6)
Gateway Protocols
EGP (Exterior Gateway Protocol)
Transfers routing information for external
networks (Day 3 and Day 5)
GGP (Gateway-to-Gateway Protocol)
Transfers routing information between
gateways (Day 3 and Day 5)
IGP (Interior Gateway Protocol)
Transfers routing information for internal
networks (Day 5)

Others
NFS (Network File System)
Enables directories on one machine to be
mounted on another (Day 12)
NIS (Network Information Service)
Maintains user accounts across networks
(Day 12)
NTP (Network Time Protocol) Synchronizes clocks (Day 11)
PING (Packet Internet Groper) Checks connectivity (Day 7)
RPC (Remote Procedure Call)
Enables remote applications to communicate
(Day 12)
SNMP (Simple Network Management
Protocol)
Sends status messages about the network
(Day 13)


■
Open Systems
■
What Is an Open System?
■
Network Architectures
■
Local Area Networks
■
The Bus Network
■
The Ring Network

■
The Hub Network
■
Wide Area Networks
■
Layers
■
The Application Layer
■
The Presentation Layer
■
The Session Layer
■
The Transport Layer
■
The Network Layer
■
The Data Link Layer
■
The Physical Layer
■
Terminology and Notations
■
Packets
■
Subsystems
■
Entities
■
N Notation

■
N-Functions
■
N-Facilities
■
Services
■
Making Sense of the Jargon
■
Queues and Connections
■
Standards
■
Setting Standards
■
Internet Standards
■
Protocols
■
Breaking Data Apart
■
Protocol Headers
■
Summary
■
Q&A
■
Quiz
— 1 —
Open Systems, Standards, and Protocols

Today I start looking at the subject of TCP/IP by covering some background information
you will need to put TCP/IP in perspective, and to understand why the TCP/IP protocols
were designed the way they are. This chapter covers some important information,
including the following:
●
What an open system is
●
How an open system handles networking
●
Why standards are required
●
How standards for protocols like TCP/IP are developed
●
What a protocol is
●
The OSI protocols
You might be eager to get started with the nitty-gritty of the TCP/IP protocols, or to
find out how to use the better-known services like FTP and Telnet. If you have a specific
requirement to satisfy (such as how to transfer a file from one system to another), by
all means use the Table of Contents to find the section you want. But if you want to
really understand TCP/IP, you will need to wade through the material in this chapter.
It's not complicated, although there are quite a few subjects to be covered. Luckily,
none of it requires memorization; more often than not it is a matter of setting the stage
for something else I discuss in the next week or so. So don't get too overwhelmed by this
chapter!
Open Systems
This is a book about a family of protocols called TCP/IP, so why bother looking at open
systems and standards at all? Primarily because TCP/IP grew out of the need to develop
a standardized communications procedure that would inevitably be used on a variety of
platforms. The need for a standard, and one that was readily available to anyone

(hence open), was vitally important to TCP/IP's success. Therefore, a little background
helps put the design of TCP/IP into perspective.
More importantly, open systems have become de rigueur in the current competitive
market. The term open system is bandied around by many people as a solution for all
problems (to be replaced occasionally by the term client/server), but neither term is
usually properly used or understood by the people spouting them. Understanding what
an open system really is and what it implies leads to a better awareness of TCP/IP's role
on a network and across large internetworks like the Internet.
In a similar vein, the use of standards ensures that a protocol such as TCP/IP is the same
on each system. This means that your PC can talk to a minicomputer running TCP/IP
without special translation or conversion routines. It means that an entire network of
different hardware and operating systems can work with the same network protocols.
Developing a standard is not a trivial process. Often a single standard involves more
than a single document describing a software system. A standard often involves the
interrelationship of many different protocols, as does TCP/IP. Knowing the interactions
between TCP/IP and the other components of a communications system is important for
proper configuration and optimization, and to ensure that all the services you need are
available and interworking properly.
What Is an Open System?
There are many definitions of open systems, and a single, concise definition that
everyone is happy with is far from being accepted. For most people, an open system is best
loosely defined as one for which the architecture is not a secret. The description of the
architecture has been published or is readily available to anyone who wants to build
products for a hardware or software platform. This definition of an open system applies
equally well to hardware and software.
When more than a single vendor begins producing products for a platform, customers
have a choice. You don't particularly like Nocrash Software's network monitoring
software? No problem, because FaultFree Software's product runs on the Nocrash
hardware, and you like its fancy interface much better. You need a more colorful
graphical front-end to your Whizbang PC than the one Whizbang provides? Download

one from Super Software through the Internet, and it works perfectly. The primary
idea, of course, is a move away from proprietary platforms to one that is multivendor.
A decade ago, open systems were virtually nonexistent. Each hardware manufacturer
had a product line, and you were practically bound to that manufacturer for all your
software and hardware needs. Some companies took advantage of the captive market,
charging outrageous prices or forcing unwanted configurations on their customers. The
groundswell of resentment grew to the point that customers began forcing the issue.
The lack of choice in software and hardware purchases is why several dedicated
minicomputer and mainframe companies either went bankrupt or had to accept open
system principles: their customers got fed up with relying on a single vendor. A good
example of a company that made the adaptation is Digital Equipment Corporation (DEC).
They moved from a proprietary operating system on their VMS minicomputers to a UNIX-
standard open operating system. By doing that, they kept their customers happy, and
they sold more machines. That's one of the primary reasons DEC is still in business today.
UNIX is a classic example of an open software platform. UNIX has been around for 30
years. The source code for the UNIX operating system was made available to anyone who
wanted it, almost from the start. UNIX's source code is well understood and easy to
work with, the result of 30 years of development and improvement. UNIX can be ported
to run on practically any hardware platform, eliminating all proprietary dependencies.
The attraction of UNIX is not the operating system's features themselves but simply
that a UNIX user can run software from other UNIX platforms, that files are
compatible from one UNIX system to another (except for disk formats), and that a wide
variety of vendors sell products for UNIX.
The growth of UNIX pushed the large hardware manufacturers to the open systems
principle, resulting in most manufacturers licensing the right to produce a UNIX version
for their own hardware. This step let customers combine different hardware systems
into larger networks, all running UNIX and working together. Users could move
between machines almost transparently, ignorant of the actual hardware platform
they were on. Open systems, originally of prime importance only to the largest
corporations and governments, is now a key element in even the smallest company's

computer strategy.
Although UNIX is a copyrighted work now owned by
X/Open, the details of the operating system have been published
and are readily available to any developer who wants to
produce applications or hardware that work with the operating
system. UNIX is unique in this respect.
The term open system networking means many things, depending on whom you ask. In its
broadest definition, open system networking refers to a network based on a well-known
and understood protocol (such as TCP/IP) that has its standards published and readily
available to anyone who wants to use them. Open system networking also refers to the
process of networking open systems (machaine-specific hardware and software) using a
network protocol. It is easy to see why people want open systems networking, though.
Three services are widely used and account for the highest percentage of network
traffic: file transfer, electronic mail, and remote login. Without open systems
networking, setting up any of these three services would be a nightmare.
File transfers enable users to share files quickly and efficiently, without excessive
duplication or concerns about the transport method. Network file transfers are much
faster than an overnight courier crossing the country, and usually faster than copying
a file on a disk and carrying it across the room. File transfer is also extremely
convenient, which not only pleases users but also eliminates time delays while waiting
for material. A common open system governing file transfers means that any
incompatibilities between the two machines transferring files can be overcome easily.
Electronic mail has mushroomed to a phenomenally large service, not just within a
single business but worldwide. The Internet carries millions of messages from people in
government, private industry, educational institutions, and private interests.
Electronic mail is cheap (no paper, envelope, or stamp) and fast (around the world in 60
seconds or so). It is also an obvious extension of the computer-based world we work in.
Without an open mail system, you wouldn't have anywhere near the capabilities you
now enjoy.
Finally, remote logins enable a user who is based on one system to connect through a

network to any other system that accepts him as a user. This can be in the next
workgroup, the next state, or in another country. Remote logins enable users to take
advantage of particular hardware and software in another location, as well as to run
applications on another machine. Once again, without an open standard, this would be
almost impossible.
Network Architectures
To understand networking protocols, it is useful to know a little about networks. A
quick look at the most common network architectures will help later in this book when
you read about network operations and routing. The term network usually means a set of
computers and peripherals (printers, modems, plotters, scanners, and so on) that are
connected together by some medium. The connection can be direct (through a cable) or
indirect (through a modem). The different devices on the network communicate with
each other through a predefined set of rules (the protocol).
The devices on a network can be in the same room or scattered through a building. They
can be separated by many miles through the use of dedicated telephone lines, microwave,
or a similar system. They can even be scattered around the world, again connected by a
long-distance communications medium. The layout of the network (the actual devices
and the manner in which they are connected to each other) is called the network
topology.
Usually, if the devices on a network are in a single location such as a building or a
group of rooms, they are called a local area network, or LAN. LANs usually have all
the devices on the network connected by a single type of network cable. If the devices
are scattered widely, such as in different buildings or different cities, they are usually
set up into several LANs that are joined together into a larger structure called a wide
area network, or WAN. A WAN is composed of two or more LANs. Each LAN has its own
network cable connecting all the devices in that LAN. The LANs are joined together by
another connection method, often high-speed telephone lines or very fast dedicated
network cables called backbones, which I discuss in a moment.
One last point about WANs: they are often treated as a single entity for
organizational purposes. For example, the ABC Software company might have branches

in four different cities, with a LAN in each city. All four LANs are joined together by
high-speed telephone lines. However, as far as the Internet and anyone outside the ABC
Software company are concerned, the ABC Software WAN is a single entity. (It has a
single domain name for the Internet. Don’t worry if you don’t known what a domain is
at this point in time; it refers to a single entity for organizational purposes on the
Internet, as you will see later.)
Local Area Networks
TCP/IP works across LANs and WANs, and there are several important aspects of LAN
and WAN topologies you should know about. You can start with LANs and look at their
topologies. Although there are many topologies for LANs, three topologies are
dominant: bus, ring, and hub.
The Bus Network
The bus network is the simplest, comprising a single main communications pathway with
each device attached to the main cable (bus) through a device called a transceiver or
junction box. The bus is also called a backbone because it resembles a human spine with
ribs emanating from it. From each transceiver on the bus, another cable (often very
short) runs to the device's network adapter. An example of a bus network is shown in
Figure 1.1.
Figure 1.1. A schematic of a bus network showing the backbone with transceivers
leading to network devices.
The primary advantage of a bus network is that it allows for a high-speed bus. Another
advantage of the bus network is that it is usually immune to problems with any single
network card within a device on the network. This is because the transceiver allows
traffic through the backbone whether a device is attached to the junction box or not.
Each end of the bus is terminated with a block of resistors or a similar electrical device
to mark the end of the cable electrically. Each device on the pathway has a special
identifying number, or address, that lets the device know that incoming information is
for that device.
A bus network is seldom a straight cable. Instead, it is usually twisted around walls
and buildings as needed. It does have a single pathway from one end to the other, with

each end terminated in some way (usually with a resistor). Figure 1.1 shows a logical
representation of the network, meaning it has simplified the actual physical appearance
of the network into a schematic with straight lines and no real scale to the
connections. A physical representation of the network would show how it goes through
walls, around desks, and so on. Most devices on the bus network can send or receive
data along the bus by packaging a message with the intended recipient's address.
A variation of the bus network topology is found in many small LANs that use Thin
Ethernet cable (which looks like television coaxial cable) or twisted-pair cable (which
resembles telephone cables). This type of network consists of a length of coaxial cable
that snakes from machine to machine. Unlike the bus network in Figure 1.1, there are no
transceivers on the bus. Instead, each device is connected into the bus directly using a T-
shaped connector on the network interface card, often using a connector called a BNC.
The connector connects the machine to the two neighbors through two cables, one to
each neighbor. At the ends of the network, a simple resistor is added to one side of the T-
connector to terminate the network electrically.
A schematic of this type of network is shown in Figure 1.2. Each network device has a T-
connector attached to the network interface card, leading to its two neighbors. The
two ends of the bus are terminated with resistors.
Figure 1.2. A schematic of a machine-to-machine bus network.
This machine-to-machine (also called peer-to-peer) network is not capable of sustaining
the higher speeds of the backbone-based bus network, primarily because of the medium of
the network cable. A backbone network can use very high-speed cables such as fiber
optics, with smaller (and slower) cables from each transceiver to the device. A machine-
to-machine network is usually built using twisted-pair or coaxial cable because these
cables are much cheaper and easier to work with. Until recently, machine-to-machine
networks were limited to a throughput of about 10 Mbps (megabits per second), although
recent developments called 100VG AnyLAN and Fast Ethernet allow 100 Mbps on this
type of network.
The advantage of this machine-to-machine bus network is its simplicity. Adding new
machines to the network means installing a network card and connecting the new

machine into a logical place on the backbone. One major advantage of the machine-to-
machine bus network is also its cost: it is probably the lowest cost LAN topology
available. The problem with this type of bus network is that if one machine is taken off
the network cable, or the network interface card malfunctions, the backbone is broken
and must be tied together again with a jumper of some sort or the network might cease
to function properly.
The Ring Network
A ring network topology is often drawn as its name suggests, shaped like a ring. A
typical ring network schematic is shown in Figure 1.3. You might have heard of a token
ring network before, which is a ring topology network. You might be disappointed to find
no physical ring architecture in a ring network, though.
Figure 1.3. A schematic of a ring network.
Despite the almost automatic assumption that a ring
network has a backbone with the ends of the cable joined to
form a loop, there is no real cabling ring at all. The ring name
derives from the construction of the central control unit.
The term ring is a misnomer because ring networks don't have an unending cable like a
bus network with the two terminators joined together. Instead, the ring refers to the
design of the central unit that handles the network's message passing. In a token ring
network, the central control unit is called a Media Access Unit, or MAU. The MAU has
a ring circuit inside it (for which the network topology is named). The ring inside the
MAU serves as the bus for devices to obtain messages.
The Hub Network
A hub network uses a main cable much like the bus network, which is called the
backplane. The hub topology is shown in Figure 1.4. From the backplane, a set of cables
leads to a hub, which is a box containing several ports into which devices are plugged.
The cables to a connection point are often called drops, because they drop from the
backplane to the ports.
Figure 1.4. A schematic of a hub network.
Hub networks can be very large, using a high-speed fiber optic backplane and slightly

slower Ethernet drops to hubs from which a workgroup can be supported. The hub
network can also be small, with a couple of hubs supporting a few devices connected
together by standard Ethernet cables. The hub network is scaleable (meaning you can
start small and expand as you need to), which is part of its attraction.
Hub networks have become popular for large installations, in part because they are
easy to set up and maintain. They also can be the least expensive system in many larger
installations, which adds to their attraction. The backplane can extend across a
considerable distance just like a bus network, whereas the ports, or connection points,
are usually grouped in a set placed in a box or panel. There can be many panels or
connection boxes attached to the backplane.
Wide Area Networks
As I mentioned earlier, LANs can be combined into a large entity called a WAN. WANs
are usually composed of LANs joined together by a high-speed link (such as a telephone
line or dedicated cable). At the entrance to each LAN, one or more machines act as the
link between the LAN and WAN: these are called gateways. I talk about gateways and
the types of gateways used in a WAN in more detail on many of the following days, but
for now you need to know only that a gateway is the interface between a LAN and a
WAN. The same applies for any LAN that accesses the Internet: one machine usually
acts as the gateway from the LAN to the Internet (which is really just a very large
WAN).
Many terms other than gateway are also used. You will hear terms like router and bridge.
They are all gateways, but they perform slightly different tasks. To understand their
roles (which I mention many times in the next week's material), you need to take a quick
look at how WANs are laid out.
LANs can be tied to a WAN through a gateway that handles the passage of data
between the LAN and WAN backbone. In a simple layout, a router is used to perform this
function. This is shown in Figure 1.5.
Figure 1.5. A router connects a LAN to the backbone.
Another gateway device, called a bridge, is used to connect LANs using the same
network protocol. Bridges are used only when the same network protocol (such as

TCP/IP) is on both LANs. The bridge does not care which physical media is used. Bridges
can connect twisted-pair LANs to coaxial LANs, for example, or act as an interface to a
fiber optic network. As long as the network protocol is the same, the bridge functions
properly.
If two or more LANs are involved in one organization and there is the possibility of a
lot of traffic between them, it is better to connect the two LANs directly with a bridge
instead of loading the backbone with the cross-traffic. This is shown in Figure 1.6.
Figure 1.6. Using a bridge to connect two LANs.
In a configuration using bridges between LANs, traffic from one LAN to another can be
sent through the bridge instead of onto the backbone, providing better performance. For
services such as Telnet and FTP, the speed difference between using a bridge and going
through a router onto a heavily used backbone can be significant.
WANs are an important subject, and I look at them again in more detail on Day 13,
"Managing and Troubleshooting TCP/IP."
Layers
Suppose you have to write a program that provides networking functions to every
machine on your LAN. Writing a single software package that accomplishes every task
required for communications between different computers would be a nightmarish task.
Apart from having to cope with the different hardware architectures, simply writing
the code for all the applications you desire would result in a program that was far too
large to execute or maintain.
Dividing all the requirements into similar-purpose groups is a sensible approach, much as
a programmer breaks code into logical chunks. With open systems communications, groups
are quite obvious. One group deals with the transport of data, another with the
packaging of messages, another with end-user applications, and so on. Each group of
related tasks is called a layer.
The layers of an architecture are meant to be stand-
alone, independent entities. They usually cannot perform any
observable task without interacting with other layers, but
from a programming point of view they are self-contained.

Of course, some crossover of functionality is to be expected, and several different
approaches to the same division of layers for a network protocol were proposed. One
that became adopted as a standard is the Open Systems Interconnection Reference
Model (which is discussed in more detail in the next section). The OSI Reference Model
(OSI-RM) uses seven layers, as shown in Figure 1.7. The TCP/IP architecture is similar but
involves only five layers, because it combines some of the OSI functionality in two
layers into one. For now, though, consider the seven-layer OSI model.
Figure 1.7. The OSI Reference Model showing all seven layers.
The application, presentation, and session layers are all application-oriented in that
they are responsible for presenting the application interface to the user. All three are
independent of the layers below them and are totally oblivious to the means by which
data gets to the application. These three layers are called the upper layers.
The lower four layers deal with the transmission of data, covering the packaging,
routing, verification, and transmission of each data group. The lower layers don't
worry about the type of data they receive or send to the application, but deal simply
with the task of sending it. They don't differentiate between the different applications
in any way.
The following sections explain each layer to help you understand the architecture of
the OSI-RM (and later contrast it with the architecture of TCP/IP).
The Application Layer
The application layer is the end-user interface to the OSI system. It is where the
applications, such as electronic mail, USENET news readers, or database display modules,
reside. The application layer's task is to display received information and send the user's
new data to the lower layers.
In distributed applications, such as client/server systems, the application layer is where
the client application resides. It communicates through the lower layers to the server.
The Presentation Layer
The presentation layer's task is to isolate the lower layers from the application's data
format. It converts the data from the application into a common format, often called
the canonical representation. The presentation layer processes machine-dependent data

from the application layer into a machine-independent format for the lower layers.
The presentation layer is where file formats and even character formats (ASCII and
EBCDIC, for example) are lost. The conversion from the application data format takes
place through a "common network programming language" (as it is called in the OSI
Reference Model documents) that has a structured format.
The presentation layer does the reverse for incoming data. It is converted from the
common format into application-specific formats, based on the type of application the
machine has instructions for. If the data comes in without reformatting instructions,
the information might not be assembled in the correct manner for the user's application.
The Session Layer
The session layer organizes and synchronizes the exchange of data between application
processes. It works with the application layer to provide simple data sets called
synchronization points that let an application know how the transmission and reception of
data are progressing. In simplified terms, the session layer can be thought of as a timing
and flow control layer.
The session layer is involved in coordinating communications between different
applications, letting each know the status of the other. An error in one application
(whether on the same machine or across the country) is handled by the session layer to
let the receiving application know that the error has occurred. The session layer can
resynchronize applications that are currently connected to each other. This can be
necessary when communications are temporarily interrupted, or when an error has
occurred that results in loss of data.
The Transport Layer
The transport layer, as its name suggests, is designed to provide the "transparent
transfer of data from a source end open system to a destination end open system,"
according to the OSI Reference Model. The transport layer establishes, maintains, and
terminates communications between two machines.
The transport layer is responsible for ensuring that data sent matches the data
received. This verification role is important in ensuring that data is correctly sent, with
a resend if an error was detected. The transport layer manages the sending of data,

determining its order and its priority.
The Network Layer
The network layer provides the physical routing of the data, determining the path
between the machines. The network layer handles all these routing issues, relieving
the higher layers from this issue.
The network layer examines the network topology to determine the best route to send
a message, as well as figuring out relay systems. It is the only network layer that sends
a message from source to target machine, managing other chunks of data that pass
through the system on their way to another machine.
The Data Link Layer
The data link layer, according to the OSI reference paper, "provides for the control of
the physical layer, and detects and possibly corrects errors that can occur." In
practicality, the data link layer is responsible for correcting transmission errors
induced during transmission (as opposed to errors in the application data itself, which
are handled in the transport layer).
The data link layer is usually concerned with signal interference on the physical
transmission media, whether through copper wire, fiber optic cable, or microwave.
Interference is common, resulting from many sources, including cosmic rays and stray
magnetic interference from other sources.
The Physical Layer
The physical layer is the lowest layer of the OSI model and deals with the "mechanical,
electrical, functional, and procedural means" required for transmission of data,
according to the OSI definition. This is really the wiring or other transmission form.
When the OSI model was being developed, a lot of concern dealt with the lower two
layers, because they are, in most cases, inseparable. The real world treats the data link
layer and the physical layer as one combined layer, but the formal OSI definition
stipulates different purposes for each. (TCP/IP includes the data link and physical
layers as one layer, recognizing that the division is more academic than practical.)
Terminology and Notations
Both OSI and TCP/IP are rooted in formal descriptions, presented as a series of complex

documents that define all aspects of the protocols. To define OSI and TCP/IP, several
new terms were developed and introduced into use; some (mostly OSI terms) are rather
unusual. You might find the term OSI-speak used to refer to some of these rather
grotesque definitions, much as legalese refers to legal terms.
To better understand the details of TCP/IP, it is necessary to deal with these terms now.
You won't see all these terms in this book, but you might encounter them when reading
manuals or online documentation. Therefore, all the major terms are covered here.
Many of the terms used by both OSI and TCP/IP might seem
to have multiple meanings, but there is a definite attempt to
provide a single, consistent definition for each word.
Unfortunately, the user community is slow to adopt new
terminology, so there is a considerable amount of confusion.
Packets
To transfer data effectively, many experiments have shown that creating a uniform
chunk of data is better than sending characters singly or in widely varying sized
groups. Usually these chunks of data have some information ahead of them (the header)
and sometimes an indicator at the end (the trailer). These chunks of data are called
packets in most synchronous communications systems.
The amount of data in a packet and the composition of the header can change depending
on the communications protocol as well as some system limitations, but the concept of a
packet always refers to the entire set (including header and trailer). The term packet is
used often in the computer industry, sometimes when it shouldn't be.
You often see the word packet used as a generic reference to any group of data packaged
for transmission. As an application's data passes through the layers of the architecture,
each adds more information. The term packet is frequently used at each stage. Treat the
term packet as a generalization for any data with additional information, instead of the
specific result of only one layer's addition of header and trailer. This goes against the
efforts of both OSI and the TCP governing bodies, but it helps keep your sanity intact!
Subsystems
A subsystem is the collective of a particular layer across a network. For example, if 10

machines are connected together, each running the seven-layer OSI model, all 10
application layers are the application subsystem, all 10 data link layers are the data
link subsystem, and so on. As you might have already deduced, with the OSI Reference
Model there are seven subsystems.
It is entirely possible (and even likely) that all the individual components in a
subsystem will not be active at one time. Using the 10-machine example again, only three
might have the data link layer actually active at any moment in time, but the
cumulative of all the machines makes up the subsystem.
Entities
A layer can have more than one part to it. For example, the transport layer can have
routines that verify checksums as well as routines that handle resending packets that
didn't transfer correctly. Not all these routines are active at once, because they might
not be required at any moment. The active routines, though, are called entities. The
word entity was adopted in order to find a single term that could not be confused with
another computer term such as module, process, or task.
N Notation
The notations N, N+1, N+2, and so on are used to identify a layer and the layers that
are related to it. Referring to Figure 1.7, if the transport layer is layer N, the physical
layer is N–3 and the presentation layer is N+2. With OSI, N always has a value of 1
through 7 inclusive.
One reason this notation was adopted was to enable writers to refer to other layers
without having to write out their names every time. It also makes flow charts and
diagrams of interactions a little easier to draw. The terms N+1 and N–1 are commonly
used in both OSI and TCP for the layers above and below the current layer,
respectively, as you will see.
To make things even more confusing, many OSI standards refer to a layer by the first
letter of its name. This can lead to a real mess for the casual reader, because "S-entity,"
"5-entity," and "layer 5" all refer to the session layer.
N-Functions
Each layer performs N-functions. The functions are the different things the layer does.

Therefore, the functions of the transport layer are the different tasks that the layer
provides. For most purposes in this book, functions and entities mean the same thing.
N-Facilities
This uses the hierarchical layer structure to express the idea that one layer provides a
set of facilities to the next higher layer. This is sensible, because the application layer
expects the presentation layer to provide a robust, well-defined set of facilities to it. In
OSI-speak, the (N+1)-entities assume a defined set of N-facilities from the N-entity.
Services
The entire set of N-facilities provided to the (N+1)-entities is called the N-service. In
other words, the service is the entire set of N-functions provided to the next higher
layer. Services might seem like functions, but there is a formal difference between the
two. The OSI documents go to great lengths to provide detailed descriptions of services,
with a "service definition standard" for each layer. This was necessary during the
development of the OSI standard so that the different tasks involved in the
communications protocol could be assigned to different layers, and so that the
functions of each layer are both well-defined and isolated from other layers.
The service definitions are formally developed from the bottom layer (physical) upward
to the top layer. The advantage of this approach is that the design of the N+1 layer can
be based on the functions performed in the N layer, avoiding two functions that
accomplish the same task in two adjacent layers.
An entire set of variations on the service name has been developed to apply these
definitions, some of which are in regular use:
An N-service user is a user of a service provided by the N layer to the next higher (N+1)
layer.
An N-service provider is the set of N-entities that are involved in providing the N layer
service.
An N-service access point (often abbreviated to N-SAP) is where an N-service is provided
to an (N+1)-entity by the N-service provider.
N-service data is the packet of data exchanged at an N-SAP.
N-service data units (N-SDUs) are the individual units of data

exchanged at an N-SAP (so that N-service data is made up of N-
SDUs).
These terms are shown in Figure 1.8. Another common term is encapsulation, which is the
addition of control information to a packet of data. The control data contains
addressing details, checksums for error detection, and protocol control functions.
Figure 1.8. Service providers and service users communicate through service access
points.
Making Sense of the Jargon
It is important to remember that all these terms are used in a formal description,
because a formal language is usually the only method to adequately describe
something as complex as a communications protocol. It is possible, though, to fit these
terms together so that they make a little more sense when you encounter them. An
example should help.
The session layer has a set of session functions. It provides a set of session facilities to
the layer above it, the presentation layer. The session layer is made up of session
entities. The presentation layer is a user of the services provided by the session layer
(layer 5). A presentation entity is a user of the services provided by the session layer and
is called a presentation service user.